Privacy Policy

Effective Date: January 22, 2025

I’m committed to protecting your privacy and keeping your personal information safe. This Privacy Policy explains how I collect, use, and protect your data to provide the best service and smooth experience when you interact with my services, including payments made through Stripe.

By using my services, you agree to the way I handle your information as described in this policy.

1. Information I Collect

Here’s the type of personal information I may collect and why I need it:

  • Contact Information: Your name, email address, and billing address. I use this information to communicate with you about your projects, issue invoices, ensure compliance with tax laws, and protect against fraud.

  • Payment Information: Payments are securely processed through Stripe. I don’t have access to your full card details, but I might see limited information, like the last four digits of your card number, for reference. If you choose to save your payment method through Stripe, I may be able to auto-charge you for future payments, with your prior consent.

  • Project and Business Details: Information about your projects, preferences, and business needs so I can tailor my services to you.

  • Technical Information: Details like your IP address and browser type that are automatically collected when you interact with my services. This helps me keep things secure and prevent unauthorized access or fraud.

2. How I Use Your Information

I use the information I collect for the following purposes:

  • Provide Services: To deliver and manage my game development services, including keeping you updated on project progress and deliverables.

  • Process Payments: To securely handle payments through Stripe, issue invoices, and manage financial transactions. If you've saved your payment information, I may also auto-charge you for future payments with your consent.

  • Support You: To respond to your inquiries, provide assistance with technical issues, and improve my customer service.

  • Follow the Law: To comply with legal obligations, prevent fraud, and maintain the security of my services.

I only use the data necessary to achieve these purposes, following data protection laws.

3. Legal Reasons for Using Your Data

Under GDPR, I process your data for the following reasons:

  • To Fulfill Our Agreement: I use your information to provide the services you’ve asked for and handle payments.

  • With Your Consent: If you’ve given permission (e.g., for marketing emails), I process your data based on that consent. You can withdraw consent at any time by contacting me.

  • To Meet Legal Obligations: I may need to process your data to comply with laws, such as tax or accounting requirements.

  • For Legitimate Reasons: I may use your information to improve my services or secure my website, as long as these uses don’t interfere with your privacy rights. For example, I might use technical data to prevent unauthorized access to my website.

4. Sharing Your Information

I do not sell or rent your personal information. However, I may share it in the following situations:

  • Payment Processing: I share your payment details with Stripe, my secure payment processor, to handle transactions. Stripe has its own privacy policy, which you can find here.

  • Service Providers: I may share your data with trusted third-party service providers who help me deliver my services (e.g., hosting providers, email services).

  • Legal Compliance: If required by law or to protect my legal rights, I may share your information with law enforcement or other authorities.

5. Data Transfers Outside the EU/EEA

If I need to transfer your personal data to service providers or partners outside the European Economic Area (EEA), I make sure your data is protected. This includes:

  • Ensuring that the country receiving the data has an adequate level of protection, as recognized by the European Commission.

  • Using legally approved agreements to protect your data.

  • Implementing other safeguards, like binding corporate rules, to ensure your data is secure.

For example, I use Stripe for payment processing, which may involve transferring data to the United States. Stripe follows GDPR rules by using legally approved agreements and other recognized protections.

6. Stripe’s Role

Payments are securely processed through Stripe, a trusted payment platform that keeps your transactions safe. Stripe is certified to meet PCI DSS (Payment Card Industry Data Security Standard), which means your payment information is protected using top security measures.

I don’t store or have access to your full credit or debit card details—these are handled only by Stripe. For transparency, I may see limited information like the last four digits of your card number or transaction references.

Stripe follows GDPR rules, ensuring your data is safely transferred and stored, even if processed outside the European Economic Area (EEA). You can review Stripe's Privacy Policy for more details.

7. Data Security

I take the necessary steps to protect your personal information from unauthorized access, misuse, or disclosure. This includes securing the systems I use to deliver services and making sure any third-party providers I work with follow strong security standards.

Payment processing is handled securely by trusted providers, as explained in the Stripe’s Role section. For other data, such as project files or communication records, I use encryption and access controls to keep your information safe.

8. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of Access: You can request to see the personal data I hold about you.

  • Right to Rectification: You can ask me to correct any inaccurate or incomplete information.

  • Right to Erasure (Right to be Forgotten): You can request that I delete your personal data, unless I’m required by law to keep it.

  • Right to Restrict Processing: You can ask me to limit how I use your data in certain situations.

  • Right to Data Portability: You can ask for a copy of your data in a format that’s easy to share with another provider.

  • Right to Object: You can object to how I use your data, especially for marketing purposes or if it’s based on legitimate interests.

  • Right to Withdraw Consent: If I rely on your consent to process your data, you can withdraw it at any time. This won’t affect how your data was handled before.

  • Right to Lodge a Complaint: If you think your rights have been violated, you can file a complaint with the relevant data protection authority (in Germany, this is the Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI)).

To exercise any of these rights, please contact me.

9. Data Retention

I will keep your personal information for as long as it’s needed to provide services and meet legal, accounting, or reporting requirements.

  • Invoices and payment records will be kept for 10 years, as required by tax and legal rules.

  • Project-related communication and files will generally be kept for the duration of the project and 3 years afterward, but I may retain them longer if needed for future support, ongoing collaboration, or to resolve any disputes. If you would like these files deleted sooner, please let me know.

  • Discord communications (or other similar platforms) may be stored indefinitely, as they often contain project-related details that are important for supporting ongoing projects, handling post-project support, or resolving disputes. If you prefer these records to be deleted, you can request removal at any time.

  • Backup data, if applicable, will also be deleted once it is no longer necessary for these purposes.

If you withdraw consent for data processing, I will delete your data unless I am required to keep it for legal reasons.

10. Cookies and Tracking Technologies

I do not use cookies or similar tracking technologies on my website. However, I may collect technical information, such as your IP address and browser type, through server logs. This helps improve security and user experience. I do not store this information long-term.

If I start using cookies in the future, I will notify you with a clear cookie banner and update this Privacy Policy.

11. Third-Party Links

My website or communications may contain links to third-party websites (e.g., social media platforms, Stripe, or other external services). I am not responsible for the privacy practices of these external sites. I encourage you to review the privacy policies of any third-party websites you visit.

12. Complaints

If you believe I have not complied with data protection laws, you can file a complaint with the Bundesbeauftragter für den Datenschutz und die Informationsfreiheit (BfDI) in Germany or your local data protection authority.

Contact details for the BfDI:
Website: https://www.bfdi.bund.de

You can also contact your local data protection authority for more information.

13. Changes to This Privacy Policy

I may update this Privacy Policy from time to time. Any changes will be posted on this page. For significant updates, I will notify you via email or through my website. Please check back periodically to stay informed about how I protect your data.

14. Contact Me

If you have any questions or concerns about this Privacy Policy, or if you would like to exercise your data rights, please contact me through the contact form.